Commit | Line | Data |
---|---|---|
f2571f84 FT |
1 | #!/bin/bash |
2 | ||
3 | usage() { | |
4 | echo "usage: certreq [-h] [-a ALTNAMES] SUBJECT KEYFILE" | |
5 | echo ' SUBJECT is of the form `/PART1=VALUE1/PART2=VALUE2/...'\' | |
6 | echo ' ALTNAMES is of the form `DNS:name1,DNS:name,...'\' | |
7 | } | |
8 | ||
9 | declare -A reqexts config | |
10 | while getopts ha: OPT; do | |
11 | case "$OPT" in | |
12 | h) | |
13 | usage | |
14 | exit 0 | |
15 | ;; | |
16 | a) | |
17 | reqexts[SAN]=1 | |
18 | config[SAN]=1 | |
19 | config_SAN=("${config_SAN[@]}" "subjectAltName=$OPTARG") | |
20 | ;; | |
21 | esac | |
22 | done | |
23 | shift $((OPTIND - 1)) | |
24 | if [ $# -lt 2 ]; then | |
25 | usage >&2 | |
26 | exit 1 | |
27 | fi | |
28 | ||
29 | args=(openssl req -new) | |
30 | if [ -n "${!reqexts[*]}" ]; then | |
31 | args=("${args[@]}" -reqexts "${!reqexts[@]}") | |
32 | fi | |
33 | if [ -n "${!config[*]}" ]; then | |
34 | confpath="$(mktemp /tmp/certreq-XXXXXX)" | |
35 | cat /etc/ssl/openssl.cnf >>"$confpath" | |
36 | for section in "${!config[@]}"; do | |
37 | echo "[${section}]" >>"$confpath" | |
38 | var="config_${section}[@]" | |
39 | for confopt in "${!var}"; do | |
40 | echo "$confopt" >>"$confpath" | |
41 | done | |
42 | echo >>"$confpath" | |
43 | done | |
44 | trap 'rm -f "$confpath"' EXIT | |
45 | args=("${args[@]}" -config "$confpath") | |
46 | fi | |
47 | args=("${args[@]}" -subj "$1" -key "$2") | |
48 | ||
49 | "${args[@]}" |